Network Fundamentals for Information Assurance & Security

Aim

To develop a student’s knowledge of network protocol fundamentals and the analysis and correlation of data sourced from network packet streams and from various network devices in an enterprise network

Learning Outcomes

On successful completion of this course, the learner will be able to:

1. Capture, manipulate, and replay packets
2. Analyse data retrieved from network packet capture data using command line tools.
3. Develop and apply an advanced knowledge of key live and network forensic principles and methods.
4. Evaluate network forensics tools and evidence acquisition and analysis from various network devices.
5. Evaluate common approaches to network forensic analysis and their utility in various investigative scenarios
6. Apply knowledge of networking protocols to identify potential evidence within traffic captures and intrusion detection alerts.

Indicative content

• Network protocol fundamentals
• Packet capture, manipulation, replay
• Packet capture applications and data
• Network evidence types and sources
• Investigation OPSEC and footprint considerations
• Common network protocol analysis
• NSM data types
• Log data and other data to supplement network examinations